Cryptography & Security: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
Jochen (Diskussion | Beiträge) |
Jochen (Diskussion | Beiträge) |
||
| Zeile 1: | Zeile 1: | ||
__TOC__ | __TOC__ | ||
== OAuth2 == | |||
* [https://oauth.net/2/ Homepage] | |||
* [https://tools.ietf.org/html/rfc6749 RFC 6749: The OAuth 2.0 Authorization Framework] | |||
* [https://tools.ietf.org/html/rfc6750 RFC 6750: The OAuth 2.0 Authorization Framework: Bearer Token Usage] | |||
* [https://tools.ietf.org/html/rfc6819 RFC 6819: OAuth 2.0 Threat Model and Security Considerations] | |||
== OpenID Connect == | |||
* [http://openid.net/connect/ Homepage] | |||
* [http://openid.net/specs/openid-connect-core-1_0.html OpenID Connect Core 1.0 incorporating errata set 1] | |||
* [http://openid.net/specs/openid-connect-discovery-1_0.html OpenID Connect Discovery 1.0 incorporating errata set 1] | |||
* [http://openid.net/specs/openid-connect-registration-1_0.html OpenID Connect Dynamic Client Registration 1.0 incorporating errata set 1] | |||
* [http://openid.net/specs/oauth-v2-multiple-response-types-1_0.html OAuth 2.0 Multiple Response Type Encoding Practices] | |||
* [http://openid.net/specs/oauth-v2-form-post-response-mode-1_0.html OAuth 2.0 Form Post Response Mode] | |||
* [http://openid.net/specs/openid-connect-session-1_0.html OpenID Connect Session Management 1.0 - draft 27] | |||
* [OpenID Connect Front-Channel Logout 1.0 - draft 01 http://openid.net/specs/openid-connect-frontchannel-1_0.html] | |||
* [http://openid.net/specs/openid-connect-backchannel-1_0.html OpenID Connect Back-Channel Logout 1.0 - draft 03] | |||
== JSON Web Token == | |||
* [ ] | |||
* [ ] | |||
* [ ] | |||
* [ ] | |||
* [ ] | |||
* [ ] | |||
| Zeile 36: | Zeile 64: | ||
* [https://tools.ietf.org/html/rfc7512 PKCS #11: URI Scheme (RFC 7512)] | * [https://tools.ietf.org/html/rfc7512 PKCS #11: URI Scheme (RFC 7512)] | ||
* [https://tools.ietf.org/html/rfc7292 PKCS #12: Personal Information Exchange Syntax Version 1.1 (RFC 7292)] | * [https://tools.ietf.org/html/rfc7292 PKCS #12: Personal Information Exchange Syntax Version 1.1 (RFC 7292)] | ||
== Generic Security Service API (GSS-API) == | |||
* [https://tools.ietf.org/html/rfc2743 RFC 2743: Generic Security Service Application Program Interface Version 2, Update 1] | |||
* [https://tools.ietf.org/html/rfc5554 RFC 5554: Clarifications and Extensions to the Generic Security Service Application Program Interface (GSS-API) for the Use of Channel Bindings] | |||
* [https://tools.ietf.org/html/rfc2479 RFC 2479: Independent Data Unit Protection Generic Security Service Application Program Interface (IDUP-GSS-API)] | |||
* [https://tools.ietf.org/html/rfc2744 RFC 2744: Generic Security Service API Version 2 : C-bindings] | |||
* [https://tools.ietf.org/html/rfc5653 RFC 5653: Generic Security Service API Version 2: Java Bindings Update] | |||
Version vom 3. Oktober 2016, 15:18 Uhr
OAuth2
- Homepage
- RFC 6749: The OAuth 2.0 Authorization Framework
- RFC 6750: The OAuth 2.0 Authorization Framework: Bearer Token Usage
- RFC 6819: OAuth 2.0 Threat Model and Security Considerations
OpenID Connect
- Homepage
- OpenID Connect Core 1.0 incorporating errata set 1
- OpenID Connect Discovery 1.0 incorporating errata set 1
- OpenID Connect Dynamic Client Registration 1.0 incorporating errata set 1
- OAuth 2.0 Multiple Response Type Encoding Practices
- OAuth 2.0 Form Post Response Mode
- OpenID Connect Session Management 1.0 - draft 27
- [OpenID Connect Front-Channel Logout 1.0 - draft 01 http://openid.net/specs/openid-connect-frontchannel-1_0.html]
- OpenID Connect Back-Channel Logout 1.0 - draft 03
JSON Web Token
- [ ]
- [ ]
- [ ]
- [ ]
- [ ]
- [ ]
Einweg-Hashfunktionen
- RFC 1321: The MD5 Message-Digest Algorithm
- RFC 2104: HMAC: Keyed-Hashing for Message Authentication
- RFC 6151: Updated Security Considerations for the MD5 Message-Digest and the HMAC-MD5 Algorithms
- RFC 6234: US Secure Hash Algorithms (SHA and SHA-based HMAC and HKDF)
- FIPS PUB 180-4: Secure Hash Standard (SHS)
Protokolle zur Authentifizierung
- The NTLM Authentication Protocol (PDF)
- RFC 4120: The Kerberos Network Authentication Service (V5)
- RFC 4120: The Kerberos Version 5 Generic Security Service Application Program Interface (GSS-API) Mechanism: Version 2
Symmetrische Verschlüsselung
- FIPS PUB 46-3: Data Encryption Standard (DES), National Institute of Standards and Technology, October 25, 1999
- FIPS PUB 197: Advanced Encryption Standard (AES), National Institute of Standards and Technology, November 26, 2001
Public-Key Cryptography Standards (PKCS) - RSA Laboratories
- PKCS #1: RSA Cryptography Specifications Version 2.1 (RFC 2313)
- PKCS #1: RSA Cryptography Specifications Version 2.2 (RFC draft-moriarty-pkcs1-03)
- PKCS #3: Diffie-Hellman Key Agreement Standard, Version 1.4
- PKCS #5: Password-Based Cryptography Standard, Version 2.0 (RFC 2898)
- PKCS #5: Password-Based Cryptography Standard, Version 2.1 (RFC draft-moriarty-pkcs5-v2dot1-04)
- PKCS #6: Extended-Certificate Syntax Standard, Version 1.5
- PKCS #7: Cryptographic Message Syntax Standard, Version 1.5 (2315)
- PKCS #8: Private-Key Information Syntax Standard, Version 1.2 (RFC 5208)
- PKCS #8: EncryptedPrivateKeyInfo Media Type (RFC draft-seantek-pkcs8-encrypted-01)
- PKCS #9: Selected Object Classes and Attribute Types Version 2.0 (RFC 2985)
- PKCS #10: Certification Request Syntax Specification Version 1.7 (RFC 2986)
- PKCS #11: URI Scheme (RFC 7512)
- PKCS #12: Personal Information Exchange Syntax Version 1.1 (RFC 7292)
Generic Security Service API (GSS-API)
- RFC 2743: Generic Security Service Application Program Interface Version 2, Update 1
- RFC 5554: Clarifications and Extensions to the Generic Security Service Application Program Interface (GSS-API) for the Use of Channel Bindings
- RFC 2479: Independent Data Unit Protection Generic Security Service Application Program Interface (IDUP-GSS-API)
- RFC 2744: Generic Security Service API Version 2 : C-bindings
- RFC 5653: Generic Security Service API Version 2: Java Bindings Update